CVE-2025-41234 | VMware Spring Framework up to 6.0.28/6.1.20/6.2.7 org.springframework.http.ContentDisposition Content-Disposition response splitting

A vulnerability was found in VMware Spring Framework up to 6.0.28/6.1.20/6.2.7 and classified as problematic. Affected by this issue is some unknown functionality of the component org.springframework.http.ContentDisposition. The manipulation of the argument Content-Disposition leads to http response splitting.

This vulnerability is handled as CVE-2025-41234. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More